Data-Structure Injection (DSI) in AI Agents

How controlling the structure of the prompt, not just the semantics, can exploit your AI agents and their tools

AgentFlayer: Versión en español.

Exploring the Risks of ChatGPT’s Atlas Browser

Appendix

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Breaking down AgentKit's Guardrails

A deep dive into OpenAI's AgentKit guardrails, how they are implemented, and where they fail

Analyzing The Security Risks of OpenAI's AgentKit

Exhibit & Exploit: Two DEF CON 33 Highlights from the Past & Future of Hacking

Humans, hacker culture and AI: Notes from Hacker Summer Camp

Prompt Mines: 0-Click Data Corruption In Salesforce Einstein

AgentFlayer: Minimum Clicks, Maximum Leaks: Tilling ChatGPT’s Attack Surface

Exploiting ChatGPT with Language Alone: A Deep Dive into 0Click and 1Click Attacks.

AgentFlayer: ChatGPT Connectors 0click Attack

AI Enterprise Compromise - 0click Exploit Methods